Wireshark mailing list archives
Re: TCP dissect issue when app-level message spans multiple TCP packets
From: "Fernandez, Rafael" <Rafael.Fernandez () citadelgroup com>
Date: Thu, 5 May 2011 14:17:09 -0500
There are only TCP packets in my capture file. I don't have access to svn at work, I just tried the 1.5.1 dev version code. It is the same. -----Original Message----- From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Chris Maynard Sent: Thursday, May 05, 2011 1:26 PM To: wireshark-dev () wireshark org Subject: Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael <Rafael.Fernandez@...> writes:
OK. This function returns exactly the same as yours. The rest of the code in
there for debugging purposes. You're right. I got distracted by the comparison still being done between last_size and remaining.
Don't you think there is an issue with this?
Can you try removing the "if(pinfo->tcp_tree != NULL)" check? if(pinfo->tcp_tree != NULL) { tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 4, get_message_tcpmessage_len, dissect_message_tcpmessage); } If that helps, then you should look into structuring your code like the dns dissector does, with separate dissect_message_tcp() and dissect_message_udp() functions. If that doesn't help, then you might try compiling your code against the latest development trunk as I believe there have been some changes made recently concerning reassembly that might help you. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe CONFIDENTIALITY AND SECURITY NOTICE The contents of this message and any attachments may be confidential and proprietary and also may be covered by the Electronic Communications Privacy Act. This message is not intended to be used by, and should not be relied upon in any way, by any third party. If you are not an intended recipient, please inform the sender of the transmission error and delete this message immediately without reading, disseminating, distributing or copying the contents. Citadel makes no assurances that this e-mail and any attachments are free of viruses and other harmful code. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 04)
- Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Graham Bloice (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Graham Bloice (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Graham Bloice (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 05)
- Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Guy Harris (May 05)
- Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets John Sullivan (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Guy Harris (May 05)
- Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets Chris Maynard (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Guy Harris (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Fernandez, Rafael (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Jeff Morriss (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Max Dmitrichenko (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Graham Bloice (May 05)
- Re: TCP dissect issue when app-level message spans multiple TCP packets Guy Harris (May 05)